Kubernetes is chink in armor vs ransomware attacks

The majority of firms are underprepared to face threats against their Kubernetes environments while it is being rapidly deployed into mission-critical environments in organisations around the world, according to Veritas Technologies.

New research from multi-cloud data management company showed that 86% of organisations expect to deploy Kubernetes in the next two to three years, and one-third already relying on it today. 

However, just 33% of organisations that have deployed Kubernetes so far have tools in place to protect against data loss incidents such as ransomware.

The research, which gathered the opinions of 1,100 senior IT decision makers globally, found that 48% of organisations which have deployed Kubernetes have already experienced a ransomware attack on their containerised environments. 

Meanwhile, 89% of respondents said that ransomware attacks on Kubernetes environments are an issue for their organisations today.

Anthony Cusimano, solutions evangelist at Veritas, said that because deployment is so simple, organisations can easily surge ahead faster with their Kubernetes implementation than their Kubernetes protection. 

“Suddenly, they’ve found themselves with two-thirds of their mission-critical Kubernetes environments completely unprotected from data loss,” said Cusimano. “Kubernetes has become the Achilles heel in organizations’ ransomware defense strategies.”

The research showed that organisations expect to be able to achieve better protection of their Kubernetes environments over time, with 29% believing that ransomware will not be an issue five years from now. 

This aligns with increased spending on protection for containerised data — organisations expect to spend an average of 49% more in this area in five years’ time than they do today. This will leave less than 3% of them without data protection in place for their mission-critical Kubernetes environments. 

Further, 61% of firms expect that future investment in their protection infrastructures will leave them “very well prepared” for ransomware attacks on Kubernetes environments in the next five years.

However, Cusimano noted that if a week is a long time in politics, five years is a very long time in data protection.

“We expect to see more and more ransomware variants emerge over that time that target Kubernetes and take advantage of this Achilles heel,” he said. “Too many organisations are missing the simple solution to extend their current data protection platforms to their Kubernetes environments today, leaving them in an unenviably vulnerable position.”